3251 matches found
Mozilla FTP View Cross-Site Scripting Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 + Title: Mozilla FTP View Cross-Site Scripting Vulnerability + Date: 4 August 2002 + Author: Eiji James Yoshida [email protected] + Risk: Medium + Vulnerable: Windows2000 SP2 Mozilla 1.0 + Not vulnerable: Windows2000 SP2 Mozilla 1.1 Beta +...
Apache Tomcat 4.1 - JSP Request Cross-Site Scripting
source: https://www.securityfocus.com/bid/5542/info Jakarta Tomcat is a Java Servlet and JSP server produced by the Apache Software Foundation. Tomcat is available for Microsoft Windows, Linux, and other Unix based operating systems. A cross site scripting vulnerability has been reported in some...
Microsoft Internet Explorer 'Folder View for FTP sites' Script Execution vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 + Title: Microsoft Internet Explorer 'Folder View for FTP sites' Script Execution vulnerability + Date: 7 June 2002 + Author: Eiji James Yoshida [email protected] + Risk: Medium + Vulnerable: Windows2000 SP2 IE5.5SP1 Windows2000 SP2 IE5.5SP2...
Ultimate Bulletin Board 5.4/6.0/6.2 - Cross-Agent Scripting
source: https://www.securityfocus.com/bid/3829/info UBB Ultimate Bulletin Board is commercial web forums/community software that is written in Perl. It runs on various Unix/Linux variants, as well as Microsoft Windows NT/2000. UBB is prone to cross-agent scripting attacks via the insertion of HTM...
Outlook Web Access (OWA) executes scripts contained in email attachment opened via Microsoft Internet Explorer (IE)
Overview Microsoft Outlook Web Access OWA can run malicious scripts on an Exchange server when Internet Explorer IE users open email attachments. Description OWA allows users to access their email accounts on a Microsoft Exchange server from another host through a web browser. When IE users acces...
CGIWrap 2.x/3.x - Cross-Site Scripting
source: https://www.securityfocus.com/bid/3081/info CGIWrap is a free, open-source program for running CGI securely. CGIWrap does not filter embedded scripting commands from user-supplied input. A web user may submit a malicious link into any form which displays user-supplied input, such as...
CVE-2001-0229
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts...
RhinoSoft FTP Voyager FtpTree incorrectly marked "safe for scripting"
Overview FTP Voyager is an FTP client implemented as an ActiveX control. It is incorrectly marked as "safe for scripting" allowing malicious web pages or email messages to upload and download files. Description FTP Voyager is an FTP client implemented as an ActiveX control. An ActiveX control may...
CVE-2000-1104
Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 CVE-2000-0746 allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those...
Microsoft Windows NT 4.0 - User Shell Folders
Microsoft Windows NT 4.0 - User Shell Folders source: https://www.securityfocus.com/bid/1042/info The registry value HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Startup specifies the shared startup folder for all users on a system. This key is set...
pIRCh-dcc.txt
Date: Thu, 12 Nov 1998 11:20:56 -0600 From: "[email protected]" To: [email protected] Subject: Old IRC Client bug Re-Applied If this has already been announced, well, screw me. Problem: The IRC Internet Relay Chat Client, pIRCh automatically assigns your main pirch directory to where DCC...